Slashdot Mirror

An anonymous reader writes "After having first decided against forcing a suspect to decrypt a number of hard drives that were believed to be his and to contain child pornography, a U.S. judge has changed his mind and has now ordered the suspect to provide law enforcement agents heading the investigation with a decrypted version of the contents of his encrypted data storage system, or the passwords needed to decrypt forensic copies of those storage devices. Jeffrey Feldman, a software developer at Rockwell Automation, has still not been charged with any crime, and the prosecution initially couldn't prove conclusively that the encrypted hard drives contained child pornography or were actually Feldman's, which led U.S. Magistrate Judge William Callahan to decide that forcing him to decrypt them would violate his Fifth Amendment right against self-incrimination. But new evidence has made the judge reverse his first decision (PDF): the FBI has continued to try to crack the encryption on the discs, and has recently managed to decrypt and access one of the suspect's hard drives... The storage device was found to contain 'an intricate electronic folder structure comprised of approximately 6,712 folders and subfolders,' approximately 707,307 files (among them numerous files which constitute child pornography), detailed personal financial records and documents belonging to the suspect, as well as dozens of his personal photographs."

An anonymous reader writes "When it comes to spotting malware, signature-based detection, heuristics and cloud-based recognition and information sharing used by many antivirus solutions today work well up a certain point, but the polymorphic malware still gives them a run for their money. At the annual AusCert conference held this week in Australia a doctorate candidate from Deakin University in Melbourne has presented the result of his research and work that just might be the solution to this problem. Security researcher Silvio Cesare had noticed that malware code consists of small "structures" that remain the same even after moderate changes to its code. He created Simseer, a free online service that performs automated analysis on submitted malware samples and tells and shows you just how similar they are to other submitted specimens. It scores the similarity between malware (any kind of software, really), and it charts the results and visualizes program relationships as an evolutionary tree."

An anonymous reader writes "Edwin Vargas, a detective with the New York City Police Department, was arrested on Tuesday for computer hacking crimes. According to the complaint unsealed in Manhattan federal court, between March 2011 and October 2012, Vargas, an NYPD detective assigned to a precinct in the Bronx, hired an e-mail hacking service to obtain log-in credentials, such as the password and username, for certain e-mail accounts. In total, he purchased access to at least 43 personal e-mail accounts belonging to 30 different individuals, including at least 19 who are affiliated with the NYPD."

An anonymous reader writes "When in early 2010 Google shared with the public that they had been breached in what became known as the Aurora attacks, they said that the attackers got their hands on some source code and were looking to access Gmail accounts of Tibetan activists. What they didn't make public is that the hackers have also accessed a database containing information about court-issued surveillance orders that enabled law enforcement agencies to monitor email accounts belonging to diplomats, suspected spies and terrorists. Whether this was the primary goal of the attacks as well as how much information was exfiltrated is unknown. current and former U.S. government officials interviewed by the Washington Post say that the database in question was possibly accessed in order to discover which Chinese intelligence operatives located in the U.S. were under surveillance."

An anonymous reader writes "Last week's revelation of the existence of Linux/Cdorked.A, a highly advanced and stealthy Apache backdoor used to drive traffic from legitimate compromised sites to malicious websites carrying Blackhole exploit packs, was only the beginning — ESET's continuing investigation has now revealed that the backdoor also infects sites running the nginx and Lighttpd webservers. Researchers have, so far, detected more than 400 webservers infected with the backdoor, and 50 of them are among the world's most popular and visited websites." Here's the researchers' original report.

An anonymous reader writes "A new report details the analysis of more than 450 million lines of software through the Coverity Scan service, which began as the largest public-private sector research project focused on open source software integrity, and was initiated between Coverity and the U.S. Department of Homeland Security in 2006. Code quality for open source software continues to mirror that of proprietary software — and both continue to surpass the industry standard for software quality. Defect density (defects per 1,000 lines of software code) is a commonly used measurement for software quality. The analysis found an average defect density of .69 for open source software projects, and an average defect density of .68 for proprietary code."

An anonymous reader writes "ESET researchers, together with web security firm Sucuri, have been analyzing a new threat affecting Apache webservers. The threat is a highly advanced and stealthy backdoor being used to drive traffic to malicious websites carrying Blackhole exploit packs. Researchers have named the backdoor Linux/Cdorked.A, and it is the most sophisticated Apache backdoor seen so far. The Linux/Cdorked.A backdoor does not leave traces on the hard-disk other than a modified 'httpd' file, the daemon (or service) used by Apache. All information related to the backdoor is stored in shared memory on the server, making detection difficult and hampering analysis."

An anonymous reader writes "Until today, hacking and hijacking planes by pressing a few buttons on an Android mobile app has been the stuff of over-the-top blockbuster movies. However, the talk that security researcher and commercial airplane pilot Hugo Teso delivered today at the Hack in the Box conference in Amsterdam has brought it into the realm of reality and has given us one more thing to worry about and fear (presentation slides PDF). One of the two technologies he abused is the Automatic Dependent Surveillance-Broadcast (ADS-B), which sends information about each aircraft (identification, current position, altitude, and so on) through an on-board transmitter to air traffic controllers, and allows aircrafts equipped with the technology to receive flight, traffic and weather information about other aircrafts currently in the air in their vicinity. The other one is the Aircraft Communications Addressing and Reporting System (ACARS), which is used to exchange messages between aircrafts and air traffic controllers via radio or satellite, as well as to automatically deliver information about each flight phase to the latter. Both of these technologies are massively insecure and are susceptible to a number of passive and active attacks. Teso misused the ADS-B to select targets, and the ACARS to gather information about the onboard computer as well as to exploit its vulnerabilities by delivering spoofed malicious messages that affect the'behavior' of the plane."

An anonymous reader writes "Research suggests there will be a rise in everyday hackers. A simple Google search for 'SQL injection hack' provides 1.74 million results, including videos with explicit instructions on how to exploit SQL injection vulnerabilities. The ready availability of this information makes it possible for less technically skilled hackers to take advantage of this common flaw. Although SQL injection flaws are easy to identify and fix, Veracode found that 32 percent of web applications are still affected by SQL injection vulnerabilities. As a result, as many as 30 percent of breaches in 2013 will be from SQL injection attacks. The research also concluded that the leading cause of security breaches and data loss for organizations is insecure software. The report found that 70 percent of software failed to comply with enterprise security policies on their first submission for security testing."

An anonymous reader writes with this tidbit from Net Security: "Players of The War Z, a first-person zombie survival game, have been notified of a breach of the developer's forum and game databases and the theft of user data contained in them. 'The data accessed included email addresses used to log-in to the forum, forum passwords which we encrypt, email addresses used to log-in to the game, encrypted game passwords as well as in-game character names and the IP addresses from which players log-in to the forum and to the game,' the developer explained ...There is no mention of what encryption algorithm they use to encrypt the passwords, nor whether they are 'salted,' so their advice to users about immediately changing the passwords they used for the forum and the account is more than fitting."

Orome1 writes "The number of IT professionals considering leaving their job due to workplace stress has jumped from 69% last year to 73%. One-third of those surveyed cited dealing with managers as their most stressful job requirement, particularly for IT staff in larger organizations. Handling end user support requests, budget squeeze and tight deadlines were also listed as the main causes of workplace stress for IT managers. Although users are not causing IT staff as much stress as they used to, it isn't stopping them from creating moments that make IT admins want to tear their hair out in frustration. Of great concern is the impact that work stress is having on health and relationships. While a total of 80% of participants revealed that their job had negatively impacted their personal life in some way, the survey discovered some significant personal impact: 18% have suffered stress-related health issues due to their work, and 28% have lost sleep due to work."

An anonymous reader writes with some news that might make you think twice before getting a network-enabled camera. From the article: "Users' desire to share things online has influenced many markets, including the digital camera one. Newer cameras increasingly sport built-in Wi-Fi capabilities or allow users to add SD cards to achieve them in order to be able to upload and share photos and videos as soon as they take them. But, as proven by Daniel Mende and Pascal Turbing, security researchers with ERNW, these capabilities also have security flaws that can be easily exploited for turning these cameras into spying devices. The researchers chose to compromise Canon's EOS-1D X DSLR camera and exploit each of the four ways it can communicate with a network. Not only have they been able to hijack the information sent from the camera, but have also managed to gain complete control of it."

Orome1 writes "Tired of waiting for Samsung to fix a string of critical flaws in their smartphones running Android, Italian security researcher Roberto Paleari has decided to inform the public about the seriousness of the matter and maybe make the company pick up the pace. Mindful of the danger that the vulnerabilities present to the users if they are exploited by malicious individuals, he decided not to share any technical details, but to just give a broad overview of what their misuse would allow. This includes a silent installation of highly-privileged applications with no user interaction and an app performing almost any action on the victim's phone."

An anonymous reader writes "Symantec researchers have discovered an older version of the infamous Stuxnet worm that caused the disruption at Iran's nuclear facility in Natanz: Stuxnet 0.5. According to a whitepaper released by the researchers at RSA Conference 2013, Stuxnet 0.5 has first been detected in the wild in 2007 when someone submitted it to the VirusTotal malware scanning service, but has been in development as early as November 2005. Unlike Stuxnet versions 1.x that disrupted the functioning of the uranium enrichment plant by making centrifuges spin too fast or too slow, this one was meant to do so by closing valves."

Orome1 writes "Adobe has pushed out an emergency Flash update that solves two critical vulnerabilities (CVE-2013-0633 and CVE-2013-0634) that are being actively exploited to target Windows and OS X users, and is urging users to implement it as soon as possible. According to a security bulletin released on Thursday, the OS X exploit targets Flash Player in Firefox or Safari via malicious Flash content hosted on websites, while Windows users are targeted with Microsoft Word documents delivered as an email attachments which contain malicious Flash content. Adobe has also announced its intention of adding new protections against malicious Flash content embedded in Microsoft Office documents to its next feature release of Flash Player."

Orome1 writes "A new discovered malware is potentially one of the most costly viruses yet discovered. Uncovered by NQ Mobile, the 'Bill Shocker' (a.expense.Extension.a) virus has already impacted 620,000 users in China and poses a threat to unprotected Android devices worldwide. Bill Shocker downloads in the background, without arousing the mobile device owner's suspicion. The infection can then take remote control of the device, including the contact list, Internet connections and dialing and texting functions. Once the malware has turned the phone into a "zombie," the infection uses the device to send text message to the profit of advertisers. In many cases, the threat will overrun the user's bundling quota, which subjects the user to additional charges."

Orome1 writes "A new discovered malware is potentially one of the most costly viruses yet discovered. Uncovered by NQ Mobile, the 'Bill Shocker' (a.expense.Extension.a) virus has already impacted 620,000 users in China and poses a threat to unprotected Android devices worldwide. Bill Shocker downloads in the background, without arousing the mobile device owner's suspicion. The infection can then take remote control of the device, including the contact list, Internet connections and dialing and texting functions. Once the malware has turned the phone into a "zombie," the infection uses the device to send text message to the profit of advertisers. In many cases, the threat will overrun the user's bundling quota, which subjects the user to additional charges."

Orome1 writes "Barracuda Networks has released firmware updates that remove SSH backdoors in a number of their products and resolve a vulnerability in Barracuda SSL VPN that allows attackers to bypass access restrictions to download potentially insecure files, set new admins passwords, or even shut down the device. The backdoor accounts are present on in all available versions of Barracuda Spam and Virus Firewall, Web Filter, Message Archiver, Web Application Firewall, Link Balancer, Load Balancer, and SSL VPN appliances." Here's Barracuda's tech note about the exploitable holes.

Orome1 writes "Barracuda Networks has released firmware updates that remove SSH backdoors in a number of their products and resolve a vulnerability in Barracuda SSL VPN that allows attackers to bypass access restrictions to download potentially insecure files, set new admins passwords, or even shut down the device. The backdoor accounts are present on in all available versions of Barracuda Spam and Virus Firewall, Web Filter, Message Archiver, Web Application Firewall, Link Balancer, Load Balancer, and SSL VPN appliances." Here's Barracuda's tech note about the exploitable holes.

Orome1 writes "DefenseCode researchers have uncovered a remote root access vulnerability in the default installation of Linksys routers. They contacted Cisco and shared a detailed vulnerability description along with the PoC exploit for the vulnerability. Cisco claimed that the vulnerability was already fixed in the latest firmware release, which turned out to be incorrect. The latest Linksys firmware (4.30.14) and all previous versions are still vulnerable."

Orome1 writes "DefenseCode researchers have uncovered a remote root access vulnerability in the default installation of Linksys routers. They contacted Cisco and shared a detailed vulnerability description along with the PoC exploit for the vulnerability. Cisco claimed that the vulnerability was already fixed in the latest firmware release, which turned out to be incorrect. The latest Linksys firmware (4.30.14) and all previous versions are still vulnerable."

Orome1 writes "When imagining law enforcement officers investigating and searching for cyber criminals or evidence about their activities, the last thing that you can probably envision is them searching for a stray cat. But that was exactly what detectives of Japan's National Police Agency recently did as the last step in a complex 'treasure hunt' started on New Year's Day by a person (persons?) who is allegedly the mastermind behind the so-called 'Remote Control Virus.' The malware in question was instrumental in staging a continuous campaign of death and bomb threats sent to airline companies, kindergartens, schools, law offices, broadcasting networks and shrines."

Orome1 writes "When imagining law enforcement officers investigating and searching for cyber criminals or evidence about their activities, the last thing that you can probably envision is them searching for a stray cat. But that was exactly what detectives of Japan's National Police Agency recently did as the last step in a complex 'treasure hunt' started on New Year's Day by a person (persons?) who is allegedly the mastermind behind the so-called 'Remote Control Virus.' The malware in question was instrumental in staging a continuous campaign of death and bomb threats sent to airline companies, kindergartens, schools, law offices, broadcasting networks and shrines."

Orome1 writes "A group of researchers from the Institute of Telecommunications of the Warsaw University of Technology have devised a way to send and receive messages hidden in the data packets used to represent silences during a Skype call. After learning that Skype transmits voice data in 130-byte packets and the silences in 70-byte packets, the researchers came upon the idea of using the latter to conceal the sending and receiving of additional messages."

Orome1 writes "A group of researchers from the Institute of Telecommunications of the Warsaw University of Technology have devised a way to send and receive messages hidden in the data packets used to represent silences during a Skype call. After learning that Skype transmits voice data in 130-byte packets and the silences in 70-byte packets, the researchers came upon the idea of using the latter to conceal the sending and receiving of additional messages."

Orome1 writes "PandaLabs outlined its picks for the most unique viruses of the past year. Rather than a ranking of the most widespread viruses, or those that have caused most infections, these viruses are ones that deserve mention for standing out from the more than 24 million new strains of malware that emerged."

Orome1 writes "PandaLabs outlined its picks for the most unique viruses of the past year. Rather than a ranking of the most widespread viruses, or those that have caused most infections, these viruses are ones that deserve mention for standing out from the more than 24 million new strains of malware that emerged."

Orome1 writes "The voting period for the proposed changes to Facebook's Statement of Rights and Responsibilities and Data Use Policy has ended on Monday, and despite the email sent out to the users asking them to review the changes and cast their vote, less than one percent of all users have done so. 'An external auditor has reviewed and confirmed the final results. Of the 668,872 people who voted, 589,141 recommended we keep our existing SRR and Data Use Policy,' stated Elliot Schrage, Facebook's vice president of communications, public policy, and marketing. Still, that is not nearly enough to prevent the proposed changes — as required by Facebook, at least 30 percent of the users should have voted against them in order to keep the previous versions of the policies. Schrage pointed out that that the whole experience illustrated the clear value of Facebook's notice and comment process."

Orome1 writes "The voting period for the proposed changes to Facebook's Statement of Rights and Responsibilities and Data Use Policy has ended on Monday, and despite the email sent out to the users asking them to review the changes and cast their vote, less than one percent of all users have done so. 'An external auditor has reviewed and confirmed the final results. Of the 668,872 people who voted, 589,141 recommended we keep our existing SRR and Data Use Policy,' stated Elliot Schrage, Facebook's vice president of communications, public policy, and marketing. Still, that is not nearly enough to prevent the proposed changes — as required by Facebook, at least 30 percent of the users should have voted against them in order to keep the previous versions of the policies. Schrage pointed out that that the whole experience illustrated the clear value of Facebook's notice and comment process."

Orome1 writes "The voting period for the proposed changes to Facebook's Statement of Rights and Responsibilities and Data Use Policy has ended on Monday, and despite the email sent out to the users asking them to review the changes and cast their vote, less than one percent of all users have done so. 'An external auditor has reviewed and confirmed the final results. Of the 668,872 people who voted, 589,141 recommended we keep our existing SRR and Data Use Policy,' stated Elliot Schrage, Facebook's vice president of communications, public policy, and marketing. Still, that is not nearly enough to prevent the proposed changes — as required by Facebook, at least 30 percent of the users should have voted against them in order to keep the previous versions of the policies. Schrage pointed out that that the whole experience illustrated the clear value of Facebook's notice and comment process."

Orome1 writes "QR codes are very handy for directing users to specific sites by simply scanning them with their smartphones. But the ease with which this technology works has also made it a favorite of malware peddlers and online crooks, who have taken to including QR codes that lead to malicious sites in spam emails. They have also begun using the same tactic in the physical world, by printing out the malicious QR codes on stickers and affixing them on prominent places in locations where there is a lot of foot traffic. According to Symantec Hosted Services director Warren Sealey, these locations include airports and city centers, where the crooks stick them over genuine QR codes included in advertisements and notices, and most likely anywhere a person might look and be tempted to scan them."

Orome1 writes "QR codes are very handy for directing users to specific sites by simply scanning them with their smartphones. But the ease with which this technology works has also made it a favorite of malware peddlers and online crooks, who have taken to including QR codes that lead to malicious sites in spam emails. They have also begun using the same tactic in the physical world, by printing out the malicious QR codes on stickers and affixing them on prominent places in locations where there is a lot of foot traffic. According to Symantec Hosted Services director Warren Sealey, these locations include airports and city centers, where the crooks stick them over genuine QR codes included in advertisements and notices, and most likely anywhere a person might look and be tempted to scan them."

Orome1 writes "Check Point has revealed how a sophisticated malware attack was used to steal an estimated €36 million from over 30,000 customers of over 30 banks in Italy, Spain, Germany and Holland over summer this year. The theft used malware to target the PCs and mobile devices of banking customers (PDF). The attack also took advantage of SMS messages used by banks as part of customers' secure login and authentication process. The attack infected both corporate and private banking users, performing automatic transfers that varied from €500 to €250,000 each to accounts spread across Europe."

Orome1 writes "Check Point has revealed how a sophisticated malware attack was used to steal an estimated €36 million from over 30,000 customers of over 30 banks in Italy, Spain, Germany and Holland over summer this year. The theft used malware to target the PCs and mobile devices of banking customers (PDF). The attack also took advantage of SMS messages used by banks as part of customers' secure login and authentication process. The attack infected both corporate and private banking users, performing automatic transfers that varied from €500 to €250,000 each to accounts spread across Europe."

Orome1 writes "NetWars CyberCity is a small-scale city located close by the New Jersey Turnpike complete with a bank, hospital, water tower, train system, electric power grid, and a coffee shop. It was developed to teach cyber warriors from the U.S. military how online actions can have kinetic effects. Developed in response to a challenge by U.S. military cyber warriors, NetWars CyberCity is an intense defensive training program organized around missions. 'We've built over eighteen missions, and each of them challenges participants to devise strategies and employ tactics to thwart computer attacks that would cause significant real-world damage,' commented Ed Skoudis, SANS Instructor and NetWars CyberCity Director."

Orome1 writes "NetWars CyberCity is a small-scale city located close by the New Jersey Turnpike complete with a bank, hospital, water tower, train system, electric power grid, and a coffee shop. It was developed to teach cyber warriors from the U.S. military how online actions can have kinetic effects. Developed in response to a challenge by U.S. military cyber warriors, NetWars CyberCity is an intense defensive training program organized around missions. 'We've built over eighteen missions, and each of them challenges participants to devise strategies and employ tactics to thwart computer attacks that would cause significant real-world damage,' commented Ed Skoudis, SANS Instructor and NetWars CyberCity Director."

Orome1 writes "Facebook has announced some proposed updates to their Data Use Policy (how user data is collected and used) and their Statement of Rights and Responsibilities (explains the terms governing use of their services). These updates include new tools for managing Facebook Messages, changes to how they refer to certain products, tips on managing one's timelines, and reminders about what's visible to other people on Facebook. Elliot Schrage, Facebook's vice president of communications, public policy, and marketing, said: 'We found that the voting mechanism, which is triggered by a specific number of comments, actually resulted in a system that incentivized the quantity of comments over their quality,' he explained. 'Therefore, we're proposing to end the voting component of the process in favor of a system that leads to more meaningful feedback and engagement.'"

Orome1 writes "Facebook has announced some proposed updates to their Data Use Policy (how user data is collected and used) and their Statement of Rights and Responsibilities (explains the terms governing use of their services). These updates include new tools for managing Facebook Messages, changes to how they refer to certain products, tips on managing one's timelines, and reminders about what's visible to other people on Facebook. Elliot Schrage, Facebook's vice president of communications, public policy, and marketing, said: 'We found that the voting mechanism, which is triggered by a specific number of comments, actually resulted in a system that incentivized the quantity of comments over their quality,' he explained. 'Therefore, we're proposing to end the voting component of the process in favor of a system that leads to more meaningful feedback and engagement.'"

Orome1 writes "Microsoft today announced the global availability of Windows 8. Beginning Friday, Oct. 26, consumers and businesses worldwide will be able to experience all that Windows 8 has to offer, including a new user interface and a wide range of applications with the grand opening of the Windows Store. Launching at the same time is a new member of the Windows family — Windows RT — designed for ARM-based tablets and available pre-installed on new devices. In addition to Microsoft Office 2013, Windows RT is designed exclusively for apps in the new Windows Store. In addition to the range of new Windows-based devices available, consumers can also upgrade their existing PCs. Through the end of January, consumers currently running PCs with Windows XP, Windows Vista or Windows 7 are qualified to download an upgrade to Windows 8 Pro for an estimated retail price of US$39.99." Also at Slash Cloud, where Nick Kolakowski writes: "If the operating system and its associated hardware capture the attention (and dollars) of mobile-device users, Microsoft will have successfully expanded the Windows brand to a new and rapidly growing market segment. But if it fails, and Apple and Google continue to rule the mobility space, then Microsoft is left with few alternatives."

An anonymous reader writes "A web analytics company has agreed to settle Federal Trade Commission charges that it violated federal law by using its web-tracking software that collected personal data without disclosing the extent of the information that it was collecting. The company, Compete Inc., also allegedly failed to honor promises it made to protect the personal data it collected. KISSmetrics, the developer and seller of the homonymous tool, has agreed to pay up to make the suit go away, but the the two plaintiffs will get only $5,000 each, while the rest of the money — more than half a million dollars — will go to their lawyers for legal fees."

An anonymous reader writes "Hundreds of cyber security experts from across the EU are testing their readiness to combat cyber-attacks in a day-long simulation across Europe today. In Cyber Europe 2012, 400 experts from major financial institutions, telecoms companies, internet service providers and local and national governments across Europe are facing more than 1200 separate cyber incidents (including more than 30 000 emails) during a simulated DDoS campaign. The exercise is testing how they would respond and co-operate in the event of sustained attacks against the public websites and computer systems of major European banks. If real, such an attack would cause massive disruption for millions of citizens and businesses across Europe, and millions of euros of damage to the EU economy."

An anonymous reader writes with a bit of news about the compromised download of phpMyAdmin discovered on an sf.net mirror yesterday: "A malicious version of the open source Web-based MySQL database administration tool phpMyAdmin has been discovered on one of the official mirror sites of SourceForge, the popular online code repository for free and open source software. The file — phpMyAdmin-3.5.2.2-all-languages.zip — was modified to include a backdoor that allowed attackers to remotely execute PHP code on the server running the malicious version of phpMyAdmin." The Sourceforge weblog has details. Someone compromised a mirror (since removed from rotation of course) around September 22nd. Luckily, only around 400 people grabbed the file before someone caught it.

Orome1 writes "Microsoft has issued a security advisory with advice on how to patch a Internet Explorer zero-day vulnerability recently spotted being exploited in the wild by attackers that might be the same ones that are behind the Nitro attacks. News that there is a previously unknown Internet Explorer vulnerability that is actively being misused in the wild by attackers that are believed to be the same ones that are behind the Nitro attacks has reverberated all over the Internet yesterday."

Orome1 writes "Microsoft has issued a security advisory with advice on how to patch a Internet Explorer zero-day vulnerability recently spotted being exploited in the wild by attackers that might be the same ones that are behind the Nitro attacks. News that there is a previously unknown Internet Explorer vulnerability that is actively being misused in the wild by attackers that are believed to be the same ones that are behind the Nitro attacks has reverberated all over the Internet yesterday."

Orome1 writes "A file containing a million and one record sets containing Apple Unique Device Identifiers (UDIDs) and some other general information about the devices has been made available online by Anonymous hackers following an alleged breach of an FBI computer. 'During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java,' the hackers claim." Update: 09/04 13:44 GMT by T : A piece at SlashCloud points out that if the leak is genuine, this raises some sticky questions about privacy and security; in particular: "[H]ow did the agency obtain said information, and to what purpose? Why did all that personal data reside on the laptop of one special agent?"

Orome1 writes "A file containing a million and one record sets containing Apple Unique Device Identifiers (UDIDs) and some other general information about the devices has been made available online by Anonymous hackers following an alleged breach of an FBI computer. 'During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java,' the hackers claim." Update: 09/04 13:44 GMT by T : A piece at SlashCloud points out that if the leak is genuine, this raises some sticky questions about privacy and security; in particular: "[H]ow did the agency obtain said information, and to what purpose? Why did all that personal data reside on the laptop of one special agent?"

Orome1 writes "Joanna Rutkowska, CEO of Invisible Things Lab, today released version 1.0 of Qubes, a stable and reasonably secure desktop OS. It is the most secure option among the existing desktop operating systems — even more secure than Apple's iOS, which puts each application into its own sandbox and does not count on the user to make security decisions. Qubes will offer users the option of using disposable virtual machines for executing tasks they believe could harm their computer. These VMs will be lightweight, easily and extremely speedily created and booted, and would be just as easy to discard." First covered back in 2010. See some screenshots of the X11 part in action (and they say displaying clients from multiple "hosts" isn't useful...)

An anonymous reader writes "A new spear-phishing attack targeting a number of specific companies in a few industries, including the energy sector, has been spotted by several security companies. Dubbed 'Shamoon' due to a string of a folder name within the malware executable, the attack ends up with delivering destructive malware on the targeted computers that ends up making them unusable. The interesting part of this malware is that instead of staying under the radar and collecting information, the malware was designed to overwrite and wipe the files and the master boot record of the computer."

An anonymous reader writes "In a new study, Barracuda Labs analyzed a random sampling of more than 70,000 fake Twitter accounts that are being used to sell fake Twitter followers. They also analyzed some of the people that are using such fake followers including the recent example of U.S. presidential candidate Mitt Romney's Twitter account. Between Facebook's 10-Q filing stating that 83 million of its accounts are fake, to Mitt Romney's Twitter account recently falling under scrutiny for suspicious followings, fake social network profiles are a hot topic at the moment. And these fake profiles are at the center of a very vibrant and growing underground economy. This underground economy consists of dealers who create and sell the use of thousands of fake social accounts, and abusers who buy follows or likes from these fake accounts to boost their perceived popularity, sell advertising based on their now large social audience or conduct other malicious activity."

An anonymous reader writes "Nearly a year ago, Facebook introduced its bug bounty program, inviting security researchers to poke around the site, discover vulnerabilities that could compromise the integrity or privacy of Facebook user data, and then responsibly disclose them to the company. Still, when the social network's security team received a tip from a researcher about a vulnerability in the company's own network which would allow attackers to eavesdrop on internal communications, they made an unprecedented choice by broadened the scope of the bug bounty program and inviting researchers to search for other holes in the corporate network. Nobody expects malicious attackers to have a change of heart and hand over information about a vulnerability for a few thousand dollars when they could sell the stole information for much more. It should, therefore, come as no surprise that Ryan McGeehan, the manager of Facebook's security-incident response unit, stated that if there's a million-dollar bug, they will pay it out."